Intrusion detection on campus network, the open-source approach: Accra Technical University case study

Abstract

The computer network security landscape in recent times has become a crucial area in computer networking for both network administrators and network users such that, a compromise of this network security makes the services it provides and more importantly the data it holds, highly susceptible to exploits by malicious people for different purposes and reasons. This is particularly so for campus networks in view of the fact that, they do not only provide services to promote academic work directly but in many ways are integrated into the administrative setup of the institutions they serve. This research therefore seeks to investigate the security threats and vulnerabilities of campus networks and systems to a great extent, so as to propose interventions to resolving these threats, vulnerabilities and exploits, so as to improve the security of these networks by conducting a penetration test that simulates Intrusion Detection employing free and open source software (FOSS) tools. The research adopted “Cloppert‟s kill chain” Approach to Penetration Testing. The elements of the simulation included the following FOSS tools VMware Fusion (Operating System simulator), Zentyal Server (unified network server), Snort (Intrusion Detection System), Suricata (Intrusion Prevention System), Nmap (Network scanning), OpenVAS (Vulnerability Assessment Software) and Metasploit Framework (Exploitation tool). Results of the simulation revealed injection flaws to be the prevalent security vulnerability that was exploited and hence, discussed to improve computer network and application security in a rather cost effective fashion